[Zope] Re: Zope cookies data point

Shane Hathaway shane@zope.com
Mon, 26 Aug 2002 16:34:51 -0400


Brian Ray Brinegar wrote:
> 
> On Mon, 26 Aug 2002, Kyler Laird wrote:
>>Anyway...I'm willing to pay a small bounty for someone
>>to get rid of cookie dependency in the management
>>interface.
> 
> Doesn't Zope have some nifty session managment features now? I think this
> session management is server side, why not throw copy and paste data in
> there?

Session management depends on cookies. :-)  I guess the session manager 
could use the authentication token as the session key, which would work 
for some situations but not others.

Here's another thought: when a session is active, reading cookies from 
the request and writing them in the response could be redirected through 
the session machinery, since a session is a perfect place to store lots 
of cookies.

If you combined those two ideas, we'd be able to remove dependence on 
cookies from all Zope apps, including the ZMI, at once.  This could even 
start as a monkey patch product, just to let people try it out without 
upgrading Zope.

Oh, there's a bounty?  In that case, it will be really hard.  We'll have 
draft a design document, elaborate, and write Java + assembly code and 
test it on all platforms.  Wow, it'll take weeks. ;-)

Shane